Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Geo Location not working



I'm using a Fortinet 60D 5.4.1 and I have the following Rule Policy Rule:

Internal to WAN  all allow.

Implicit Deny an any ALL


Using these peoples from others countries are able to access the router interface. Then, I created a rule WAN to Internal from GEO-CHINA to Internal ALL Deny but People from China are still able to access our router.


Any Suggestions of what is wrong?


New Contributor III



If you created your geo rule to your internal nic, wan will continue to accept connections from anywhere. Try to create a local-in policy using CLI to protect access to your WAN interface.


config firewall local-in-policy edit <name_str> set policyid <integer> set ha-mgmt-intf-only {enable | disable} set intf <string> config srcaddr edit <name_str> set name <string> end config dstaddr edit <name_str> set name <string> end set action {accept | deny} config service edit <name_str> set name <string> end set schedule <string> set status {enable | disable} end

Top Kudoed Authors